<?
// Some useful functions to prevent SQLi

function escape_string($value)
{
$search = array("\x00", "\n", "\r", "\\", "'", "\"", "\x1a");
$replace = array("\\x00", "\\n", "\\r", "\\\\" ,"\'", "\\\"", "\\\x1a");

return str_replace($search, $replace, $value);
}

function magic_quotes($string) {
	if (TRUE == function_exists('get_magic_quotes_gpc') && 1 == get_magic_quotes_gpc())
	{
		$mqs = strtolower(ini_get('magic_quotes_sybase'));

		if (TRUE == empty($mqs) || 'off' == $mqs)
		{
			$string = stripslashes($string);
		}
	}
	return $string;
}

function clean_array(&$arr, $erase) {
	foreach($arr as &$row) {
		for( $i = 0; $i <= $erase; $i++)
			unset($row[chr(48 + $i)]);
		#clean_array($row['user'],0);
	}
}



?>